$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150241.roa File: AS150241.roa (raw, json) Hash identifier: 5nGBhl4elxj6+EhTD1/qH0bK6xAx7irHnC84rwHnZhA= Subject key identifier: B2:E2:9C:40:14:83:20:60:81:AA:C6:2B:94:9E:2B:87:23:80:6B:DC Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 54E3810AC22BFB161747DBB4F4B5BA1652029670 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150241.roa Signing time: Sat 02 May 2026 21:25:39 +0000 ROA not before: Sat 02 May 2026 21:20:39 +0000 ROA not after: Sat 01 May 2027 21:25:39 +0000 asID: 150241 IP address blocks: 2001:df1:a6c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:e3:81:0a:c2:2b:fb:16:17:47:db:b4:f4:b5:ba:16:52:02:96:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:20:39 2026 GMT Not After : May 1 21:25:39 2027 GMT Subject: CN=B2E29C401483206081AAC62B949E2B8723806BDC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:2b:02:93:e7:5e:61:5c:2c:cf:29:4c:b4:6e: 98:0b:ff:eb:ad:03:56:8a:56:c5:38:6f:77:b9:87: 5e:8f:c4:aa:67:39:f4:1a:a2:f3:4e:10:01:35:23: 46:af:20:d6:09:8b:c5:bf:47:75:17:a2:00:dd:0d: 24:c6:12:67:3e:7f:ab:e1:83:80:ef:71:22:48:f4: 7a:63:24:97:4f:8c:a4:8f:f3:aa:cc:f1:52:58:ff: 31:b5:1e:f5:e5:91:8b:b4:66:42:72:b1:87:66:98: 47:d7:5e:3d:6d:21:a9:68:ae:1b:62:bd:6f:de:8d: 3e:a1:31:aa:99:a6:bd:cf:83:a5:87:d5:9e:86:9f: 1e:49:85:2b:b1:d8:bf:27:82:a7:cd:f3:b0:a6:82: 52:93:fd:41:94:31:21:e3:48:f3:c2:1a:a4:f9:74: ee:d9:b6:b3:20:40:82:6e:3a:9f:fb:e8:cd:8b:03: 82:c4:fc:bf:e2:25:51:04:f2:7e:b6:bc:de:d1:ef: 04:95:c2:6d:08:b1:97:3c:49:76:d2:79:12:36:7a: 6d:be:3e:b9:43:f5:c2:12:14:0d:9d:b3:b5:08:ba: 6c:a1:b5:5c:80:ba:32:b4:b9:43:68:d4:eb:3e:64: eb:0a:62:80:49:dd:14:14:05:d7:75:cb:e1:f2:a4: 03:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:E2:9C:40:14:83:20:60:81:AA:C6:2B:94:9E:2B:87:23:80:6B:DC X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150241.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:a6c0::/48 Signature Algorithm: sha256WithRSAEncryption 52:7d:b8:cd:18:ef:e1:ef:60:f9:6a:3b:7d:37:87:5c:4e:a7: 19:bc:77:40:c6:52:b4:25:13:1a:bf:65:d5:61:0f:b0:b2:52: 87:95:00:47:71:5a:12:9e:22:15:64:83:2c:00:75:af:93:46: 49:49:89:a6:4e:65:0b:a8:3a:c5:85:c6:24:76:89:37:38:b4: 4f:72:3c:83:fe:5d:23:29:97:ee:c6:47:75:54:59:7d:ea:c8: 97:fb:b0:e2:a4:8b:fe:db:6b:f4:32:96:3f:30:1f:3e:38:75: a7:80:dd:e7:ff:4d:cd:13:95:a5:b4:4a:79:8b:77:41:27:88: 58:b6:3b:ab:e3:6b:16:f5:05:aa:5b:5e:81:ef:55:ad:17:ae: 5f:18:8c:c4:2a:db:b5:f5:31:68:b5:c0:6c:28:79:36:b0:84: f8:32:61:d3:84:40:30:c5:0e:62:91:08:a9:ab:33:82:30:02: 23:62:b6:77:86:32:20:9e:75:5a:88:f6:79:4a:7f:cb:d9:8a: 7c:cc:1f:20:30:18:6a:90:7d:09:4f:ba:a5:14:29:1d:73:22: 70:12:b3:eb:26:4f:de:f0:81:6a:62:20:8f:44:78:e8:67:93: 14:c8:54:bd:f8:3e:2d:59:54:11:54:3f:08:87:a6:a1:4c:33: 48:ca:f8:bc -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUVOOBCsIr+xYXR9u09LW6FlIClnAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjAzOVoX DTI3MDUwMTIxMjUzOVowMzExMC8GA1UEAxMoQjJFMjlDNDAxNDgzMjA2MDgxQUFD NjJCOTQ5RTJCODcyMzgwNkJEQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALsrApPnXmFcLM8pTLRumAv/660DVopWxThvd7mHXo/Eqmc59Bqi804QATUj Rq8g1gmLxb9HdReiAN0NJMYSZz5/q+GDgO9xIkj0emMkl0+MpI/zqszxUlj/MbUe 9eWRi7RmQnKxh2aYR9dePW0hqWiuG2K9b96NPqExqpmmvc+DpYfVnoafHkmFK7HY vyeCp83zsKaCUpP9QZQxIeNI88IapPl07tm2syBAgm46n/vozYsDgsT8v+IlUQTy fra83tHvBJXCbQixlzxJdtJ5EjZ6bb4+uUP1whIUDZ2ztQi6bKG1XIC6MrS5Q2jU 6z5k6wpigEndFBQF13XL4fKkA0UCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSy4pxA FIMgYIGqxiuUniuHI4Br3DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwMjQxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8abAMA0GCSqGSIb3DQEBCwUAA4IBAQBSfbjNGO/h72D5ajt9N4dc TqcZvHdAxlK0JRMav2XVYQ+wslKHlQBHcVoSniIVZIMsAHWvk0ZJSYmmTmULqDrF hcYkdok3OLRPcjyD/l0jKZfuxkd1VFl96siX+7DipIv+22v0MpY/MB8+OHWngN3n /03NE5WltEp5i3dBJ4hYtjur42sW9QWqW16B71WtF65fGIzEKtu19TFotcBsKHk2 sIT4MmHThEAwxQ5ikQipqzOCMAIjYrZ3hjIgnnVaiPZ5Sn/L2Yp8zB8gMBhqkH0J T7qlFCkdcyJwErPrJk/e8IFqYiCPRHjoZ5MUyFS9+D4tWVQRVD8Ih6ahTDNIyvi8 -----END CERTIFICATE-----Generated at Sun May 3 00:40:36 2026 by rpki-client